package com.l.shirodemo.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.authz.annotation.RequiresUser;
import org.apache.shiro.session.Session;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.servlet.http.HttpSession;

@Controller

public class TestController {
    @RequestMapping("/admin/list")
    public String list() {

        Session session = SecurityUtils.getSubject().getSession();
//        可以获取到 HttpSession 中的值
        Object mykey = session.getAttribute("mykey");
        System.out.println(mykey);


        return "admin";
    }

    @RequestMapping("/toError")
    public String toError() {
        return "error";
    }

    @RequestMapping("/test")
    @RequiresRoles(value = {"admin"})
    public String test(HttpSession session) {
    session.setAttribute("mykey","myvalue");
        System.out.println("test");
        return "redirect:test.jsp";
    }
}
